vendor:
DI-614+, DI-704, DI-624 Routers
by:
Unknown
7.5
CVSS
HIGH
HTML Injection
79
CWE
Product Name: DI-614+, DI-704, DI-624 Routers
Affected Version From: DI-614+, DI-704, DI-624
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: h:d-link:di-614+ cpe:/h:d-link:di-704 cpe:/h:d-link:di-624
Platforms Tested: Unknown
Unknown
HTML Injection Vulnerability in DI-614+, DI-704, and DI-624 Routers
An attacker with access to the wireless or internal network segments of the DI-614+, DI-704, and DI-624 routers can craft malicious DHCP hostnames that, when sent to the router, will be logged and can cause unintended changes to the router's configuration. Other attacks may also be possible.
Mitigation:
No specific mitigation provided